Paloalto PAN-OS vulnerabilities

CVE-2016-2219 [MEDIUM] CWE-79 Cross-site scripting vulnerability Cross-site scripting vulnerability A cross-site scripting vulnerability exists in the web interface whereby data provided by the user is stored without sanitization. (Ref 90635) (CVE-2016-2219). This issue affects the management interface of the device, where an authenticated administrator may be tricked into injecting malicious javascript into the web interface. This issue affects PAN-OS 7.0.1 to PAN-OS 7.0.7 Affected products:

CVE-2016-3657 [CRITICAL] CWE-119 Unauthenticated Buffer Overflow in GlobalProtect/SSL VPN Web Interface Unauthenticated Buffer Overflow in GlobalProtect/SSL VPN Web Interface When a PAN-OS device is configured as a GlobalProtect portal, a vulnerability exists where an improper handling of a buffer involved in the processing of SSL VPN requests can result in device crash and possible remote code execution. (Ref. #89752) (CVE-2016-3657) An attacker with network access to the vulnerable GlobalProt

CVE-2016-3655 [CRITICAL] CWE-20 Unauthenticated Command Injection in Management Web Interface Unauthenticated Command Injection in Management Web Interface Palo Alto Networks PAN-OS implements an API to enable programmatic device configuration and administration of the device. An issue was identified where the management API incorrectly parses input to a specific API call, leading to execution of arbitrary OS commands without authentication via the management interface. (Ref. #89717) (CVE-2016-

CVE-2016-3656 [HIGH] CWE-119 Unauthenticated Stack Exhaustion in GlobalProtect/SSL VPN Web Interface Unauthenticated Stack Exhaustion in GlobalProtect/SSL VPN Web Interface When a PAN-OS device is configured as a GlobalProtect web portal, a specially crafted request to the portal could result in a crash of the service. (Ref. #89750) (CVE-2016-3656) This issue can be exploited remotely by an attacker with network access to the GlobalProtect portal in order to cause a denial-of-service (DoS) via

CVE-2016-3654 [HIGH] CWE-20 Command Injection in Command Line Interface Command Injection in Command Line Interface Palo Alto Networks firewalls implement a command line interface for interactive configuration through a serial interface or a remote SSH session. An issue was identified that can cause incorrect parsing of a specific SSH command parameter, leading to arbitrary command execution on the OS level. This vulnerability requires successful authentication but can be used to execute OS com

CVE-2015-4162 [MEDIUM] XML External Entity (XXE) Vulnerability XML External Entity (XXE) Vulnerability An XML parsing vulnerability exists in PAN-OS allowing a malicious user within PAN-OS to inject malicious XML data into the web-based device management front-end allowing the user to retrieve arbitrary content from the device. The user must be an authenticated user issuing the request. (Ref #71273) This issue affects the management interface of the device, where an authenticated administrator

CVE-2015-0235 [CRITICAL] CWE-119 GHOST: glibc vulnerability GHOST: glibc vulnerability The open source library “glibc” has been found to contain a recently discovered vulnerability (CVE-2015-0235, commonly referred to as “GHOST”) that has been demonstrated to enable remote code execution in some software. Palo Alto Networks software makes use of the vulnerable library, however there is no known exploitable condition in PAN-OS software enabled by this vulnerability at the time of this advisory.

CVE-2014-8730 [MEDIUM] CWE-310 Padding-oracle attack on TLS CBC cipher mode Padding-oracle attack on TLS CBC cipher mode A vulnerability affecting some implementations of TLS 1.x with CBC cipher modes has been discovered that allows an attacker to decrypt some encrypted contents under certain conditions (CVE-2014-8730). This padding-oracle attack on TLS CBC cipher modes is a variant of the POODLE vulnerability, commonly known as “POODLE Bites”. This issue is confirmed to affect PAN-OS implement

CVE-2014-3764 [MEDIUM] CWE-79 Cross-site scripting vulnerability Cross-site scripting vulnerability A cross-site scripting vulnerability exists in the web-based device management interface whereby data provided by the user is echoed back to the user without sanitization. (Ref # 64563). This vulnerability has been assigned CVE-2014-3764. This issue affects the management interface of the device, where an authenticated administrator may be tricked into injecting malicious javascript into the web

CVE-2014-3566 [LOW] CWE-310 SSL 3.0 MITM Attack SSL 3.0 MITM Attack A vulnerability affecting most implementations of SSL 3.0 has been discovered that allows an attacker to decrypt some encrypted contents under certain conditions (CVE-2014-3566). The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. More info

CVE-2014-6271 [CRITICAL] CWE-78 PAN-SA-2014-0004 Bash Shell remote code execution (CVE-2014-6271, CVE-2014-7169) PAN-SA-2014-0004 Bash Shell remote code execution (CVE-2014-6271, CVE-2014-7169) Palo Alto Networks has become aware of a remote code execution vulnerability in the Bash shell utility. This vulnerability (CVE-2014-6271) allows for remote code execution through multiple vectors due to the way Bash is often used on linux systems for processing commands. Additional information can be fo

CVE-2014-0224 [HIGH] CWE-310 OpenSSL Man-in-the-middle vulnerability OpenSSL Man-in-the-middle vulnerability The Palo Alto Networks product security engineering team has completed analysis of our products' exposure to the vulnerabilities described in the OpenSSL Security Advisory dated June 5th, 2014. Of the 7 CVEs highlighted in the advisory, only CVE-2014-0224 is relevant to our software. The remaining vulnerabilities to not apply because we do not use or support use of Datagram Transport Lay

CVE-2013-5664 [MEDIUM] CWE-79 Cross-site Scripting Vulnerability Cross-site Scripting Vulnerability A cross-site scripting vulnerability exists in the web-based device management API browser whereby data provided by the user is echoed back to the user without sanitization. (Ref #50908) This issue affects the management interface of the device where the API browser is exposed. This issue affects PAN-OS version 4.1.12 and earlier; 5.0.5 and earlier. Affected products: PAN-OS Solution: PAN-OS 4.

CVE-2013-5663 [MEDIUM] CWE-264 App-ID Cache Poisoning App-ID Cache Poisoning An evasion technique that takes advantage of the App-ID cache function has recently been published. In certain circumstances, a knowledgeable user can bypass security policy that restricts the use of certain applications by sending numerous specially crafted requests over the network in order to poison the firewall’s App-ID cache. This can result in the use of a blocked application for a period of time. If the App-ID c

CVE-2012-6601 [CRITICAL] CWE-78 Command Injection Vulnerability Command Injection Vulnerability A vulnerability exists whereby an unauthenticated user can execute arbitrary code as root on the device. (Ref #36983) This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.1.3 and earlier; PAN-OS 4.0.9 and earlier; PAN-OS 3.1.11 and earlier. Affected products: PAN-OS Solution: PAN-OS 4.1.4 and later; PAN-OS 4.0.10

CVE-2012-6591 [CRITICAL] CWE-78 Command Injection Vulnerability Command Injection Vulnerability A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface. (Ref #31116) This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. The attacker must still be an authenticated administrator of the device. This issue affects PAN-OS 4.0.4 and earlier; PAN-OS 3.1.9 and ea

CVE-2012-6592 [CRITICAL] CWE-78 Command Injection Vulnerability Command Injection Vulnerability A vulnerability exists whereby an unauthenticated user can inject commands as root on the device. (Ref #31091) This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.0.4 and earlier; PAN-OS 3.1.9 and earlier. Affected products: PAN-OS Solution: PAN-OS 4.0.5 and later; PAN-OS 3.1.10 and later. Workaround: This issu

CVE-2012-6598 [CRITICAL] CWE-78 Command Injection Vulnerability Command Injection Vulnerability A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface. (Ref #33080) This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.0.7 and earlier; PAN-OS 3.0.x is not affected. Affected products: PAN-OS Solution: PAN-OS 4.0.8 and later.

CVE-2012-6599 [CRITICAL] CWE-78 Command Injection Vulnerability Command Injection Vulnerability A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface. (Ref #33476) This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.1.0 and earlier; PAN-OS 4.0.7 and earlier; PAN-OS 3.0.x is not affected. Affected products: PAN-OS Solution

CVE-2012-6600 [CRITICAL] CWE-78 Command Injection Vulnerability Command Injection Vulnerability A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface. (Ref #34502) This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.1.1 and earlier; PAN-OS 4.0.8 and earlier; PAN-OS 3.0.x is not affected. Affected products: PAN-OS Solution